http://dx.doi.org/10.13089/JKIISC.2018.28.3.617

Android Malware Detection Using Permission-Based Machine Learning Approach  

Kang, Seongeun (Soongsil University)
Long, Nguyen Vu (Soongsil University)
Jung, Souhwan (Soongsil University)
Abstract
This study focuses on detecting malicious code using permission features extracted from AndroidManifest through Android static analysis. Features are built on the permissions declared in AndroidManifest, which saves analysis resources and time. The malicious app detection model consists of SVM (support vector machine), NB (Naive Bayes), GBC (Gradient Boosting Classifier) and Logistic Regression models, which were trained on 1,500 normal apps and 500 malicious apps and achieved a 98% detection rate. In addition, malicious app family identification is implemented by a multi-classifier model using the SVM, GPC (Gaussian Process Classifier) and GBC (Gradient Boosting Classifier) algorithms. The trained family identification model identified 92% of malicious app families.
Keywords
android; malware; static analysis; machine learning
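
The approach the abstract describes (manifest permissions as binary features feeding a classifier) can be sketched as follows. This is an added example, not the authors' code: it implements a small Bernoulli Naive Bayes from scratch, and the manifests, package name, training labels and helper names (`make_manifest`, `vectorize`, `classify`) are constructed for illustration.

```python
import math
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

def manifest_permissions(manifest_xml):
    """Permissions requested by a decoded (text) AndroidManifest.xml.
    Manifests inside an APK are binary XML and must be decoded first."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name")
            for tag in ("uses-permission", "uses-permission-sdk-23")
            for el in root.iter(tag) if el.get(ANDROID_NS + "name")}

class BernoulliNB:
    """Naive Bayes over binary permission features, with Laplace smoothing."""
    def fit(self, X, y):
        self.classes, self.log_prior, self.theta = sorted(set(y)), {}, {}
        for c in self.classes:
            rows = [x for x, label in zip(X, y) if label == c]
            self.log_prior[c] = math.log(len(rows) / len(X))
            self.theta[c] = [(sum(col) + 1) / (len(rows) + 2) for col in zip(*rows)]
        return self

    def predict(self, x):
        def score(c):  # log P(c) + sum over features of log P(x_i | c)
            return self.log_prior[c] + sum(
                math.log(t if v else 1 - t) for v, t in zip(x, self.theta[c]))
        return max(self.classes, key=score)

def make_manifest(*perms):
    """Constructed sample input: a minimal manifest requesting `perms`."""
    uses = "".join('<uses-permission android:name="android.permission.%s"/>' % p
                   for p in perms)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="com.example.sample">%s<application/></manifest>' % uses)

# Constructed toy training set (not the paper's 1,500 / 500 app corpus).
TRAIN = [(make_manifest(*p), label) for p, label in [
    (("INTERNET",), "benign"),
    (("INTERNET", "ACCESS_NETWORK_STATE"), "benign"),
    (("CAMERA", "INTERNET"), "benign"),
    (("ACCESS_FINE_LOCATION", "INTERNET"), "benign"),
    (("INTERNET", "SEND_SMS", "READ_SMS"), "malicious"),
    (("SEND_SMS", "RECEIVE_SMS", "READ_CONTACTS", "INTERNET"), "malicious"),
    (("READ_SMS", "RECEIVE_BOOT_COMPLETED", "INTERNET", "SEND_SMS"), "malicious")]]
VOCAB = sorted(set().union(*(manifest_permissions(m) for m, _ in TRAIN)))

def vectorize(manifest_xml):
    perms = manifest_permissions(manifest_xml)
    return [1 if p in perms else 0 for p in VOCAB]  # unseen permissions are ignored

MODEL = BernoulliNB().fit([vectorize(m) for m, _ in TRAIN], [l for _, l in TRAIN])

def classify(manifest_xml):
    return MODEL.predict(vectorize(manifest_xml))
```

Because only the manifest is parsed, no DEX code is disassembled or executed, which is the resource saving the abstract refers to.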